Skip to content

ibrahim1023/SheetProof

BranchesTags

Repository files navigation

SheetProof

SheetProof is a local-first trust layer for business-critical Excel workbooks.

It focuses on deterministic spreadsheet auditing:

  • workbook parsing
  • formula inventory
  • dependency graphing
  • formula consistency checks
  • hardcoded override detection
  • hidden/external dependency detection
  • workbook diffing
  • assumption extraction
  • assumption delta tracking between workbook versions
  • risk scoring
  • evidence-backed report generation

Status

Implemented:

  • deterministic audit pipeline
  • workbook diff pipeline
  • local explain (Ollama) with deterministic-artifact guardrails

Quick Start

python -m venv .venv
source .venv/bin/activate
pip install -e .[dev]
sheetproof --help
pytest

Commands

sheetproof audit workbook.xlsx
sheetproof audit workbook.xlsx --policy-pack finance
sheetproof diff old.xlsx new.xlsx
sheetproof diff old.xlsx new.xlsx --policy-pack compliance
sheetproof gate --workbook workbook.xlsx --max-high-risk-findings 5 --max-external-references 0
sheetproof gate --old-workbook old.xlsx --new-workbook new.xlsx --max-new-hidden-sheets 0
sheetproof explain workbook.xlsx --cell "Summary!F12"
sheetproof eval-explain --dataset evals/datasets/explain_schema_cases.json --output evals/results/explain_eval_results.json

explain requirements:

  • run audit first for the same workbook (uses .sheetproof deterministic artifacts)
  • enable LLM provider in config (sheetproof.yml):
llm:
  enabled: true
  provider: "local"
  model: "qwen"
  base_url: "http://localhost:11434"
  timeout_seconds: 40
  max_retries: 2
local_only: false

Supported providers:

  • local / ollama (local runtime)
  • openai
  • anthropic
  • gemini

If local_only: true, hosted providers are blocked.

Output Artifacts (target MVP)

  • .sheetproof/workbook-index.json
  • sheetproof-report.md
  • sheetproof-report.json
  • risk-cells.csv
  • formula-map.json
  • dependency-graph.json
  • assumption-register.csv
  • workbook-diff.json
  • assumption-diff.json
  • reproducibility-manifest.json
  • traces.jsonl
  • explanations.json
  • gate-result.json

Policy Packs

Deterministic policy packs are supported:

  • finance
  • compliance
  • operations

Use --policy-pack to apply one. Policy packs control deterministic severities, volatile-function handling, and high-risk sheet lists.

About

No description, website, or topics provided.

Resources

Readme
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages